[
https://issues.apache.org/jira/browse/ARTEMIS-5340?focusedWorklogId=960571&page=com.atlassian.jira.plugin.system.issuetabpanels:worklog-tabpanel#worklog-960571
]
ASF GitHub Bot logged work on ARTEMIS-5340:
-------------------------------------------
Author: ASF GitHub Bot
Created on: 06/Mar/25 14:49
Start Date: 06/Mar/25 14:49
Worklog Time Spent: 10m
Work Description: jbertram commented on code in PR #5547:
URL: https://github.com/apache/activemq-artemis/pull/5547#discussion_r1983496876
##########
artemis-core-client/src/main/java/org/apache/activemq/artemis/core/remoting/impl/ssl/SSLSupport.java:
##########
@@ -352,10 +354,15 @@ public static KeyStore loadKeystore(final String
keystoreProvider,
return ks;
}
- public static void checkPemProviderLoaded(String keystoreType) {
+ /**
+ * This method uses reflection to load the appropriate
java.security.Provider for PEM use-cases. Reflection is used
+ * to avoid a hard dependency on the provider's implementation so that
folks who don't use PEM don't have to include
+ * the corresponding dependency.
+ */
+ public static void checkPemProviderLoaded(String keystoreType) throws
Exception {
if (keystoreType != null && keystoreType.startsWith("PEM")) {
if (Security.getProvider("PEM") == null) {
- Security.insertProviderAt(new
de.dentrassi.crypto.pem.PemKeyStoreProvider(),
+ Security.insertProviderAt((Provider)
Class.forName(PEM_PROVIDER).getDeclaredConstructor().newInstance(),
Review Comment:
I like that solution, @gemmellr.
Issue Time Tracking
-------------------
Worklog Id: (was: 960571)
Time Spent: 1h (was: 50m)
> PEM provider not actually optional
> ----------------------------------
>
> Key: ARTEMIS-5340
> URL: https://issues.apache.org/jira/browse/ARTEMIS-5340
> Project: ActiveMQ Artemis
> Issue Type: Bug
> Reporter: Justin Bertram
> Assignee: Justin Bertram
> Priority: Major
> Labels: pull-request-available
> Time Spent: 1h
> Remaining Estimate: 0h
>
> Work was done via ARTEMIS-4710 to make the dependencies for the PEM security
> provider optional. However, that work was not complete.
> The provider class still has to be loaded by the JVM the first time any
> reference to {{SSLSupport}} is made which is done when enabling SSL on any
> acceptor, e.g.:
> {noformat}
> Caused by: java.lang.NoClassDefFoundError:
> de/dentrassi/crypto/pem/PemKeyStoreProvider
> at
> org.apache.activemq.artemis.core.remoting.impl.netty.NettyAcceptor.<init>(NettyAcceptor.java:294){noformat}
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
For further information, visit: https://activemq.apache.org/contact
